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DETAILED ACTION 

1 . Claims 1 -37 are pending for consideration. 

Information Disclosure Statement 

2. The information disclosure statements submitted on 02/13/2004 and on 
03/29/2005 are in compliance with the provisions of 37 CFR 1 .97. Accordingly, the 
information disclosure statements are being considered by the examiner. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

4. Claims 1-37 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Goldberg et al. (US 20040013112) (hereinafter Goldberg) in view of Wilson et al. (US 
71 591 1 9) (hereinafter Wilson). 

Regarding claim 1 , Roberts discloses in a local server that receives data from 
one or more remote entities over a data transport protocol, a method of applying a 
cryptographically secure hash to packets from unverified remote entities for preventing 
denial of service attacks on lookup tables used to store state information for one or 
more remote entities, while maintaining the performance of the local server for packets 
from verified remote entities, the method comprising the acts of: receiving a packet of 
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data from a remote entity that includes connection identifier information (Goldberg: 
paragraphs 0014 and 0055: hashing a portion of the received packet); hashing at least 
a portion of the connection identifier information using a first hash function for 
determining if state information exists for the remote entity in a table of verified remote 
entities (Goldberg: paragraphs 0061-0062, 0066-0067 and 0071); if the state 
information for the remote entity does not exist in the table of verified remote entities, 
hashing at least a portion of the connection identifier information using a second hash 
function that is cryptographically secure for determining if state information exists for the 
remote entity in a table of unverified remote entities (Goldberg: paragraph 0014); if the 
state information for the remote entity exists in the table of unverified remote entities, 
comparing secret information provided within the packet of data with information 
previously supplied to the remote entity for determining if the remote entity can be 
verified such that state information can be moved to the table of verified remote entities 
(Goldberg: paragraphs 0014 and 0062); if state information for the remote entity does 
not exist in the table of unverified remote entities (Goldberg: paragraphs 0072-0073 and 
0082-0084); checking whether the local server is a listener that may accept the packet 
of data from the remote entity for determining if state information for the remote entity 
should be created in the table of unverified remote entities (Goldberg: paragraphs 0071- 
0072). 

Goldberg does not explicitly disclose two lookup tables (i.e., the table of verified 
remote entities and the table of unverified remote entities). However, Wilson discloses 
two lookup tables (Wilson: See Abstract section and column 4 lines 50-54). Therefore, 
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it would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Goldberg by specifically providing the features, as taught 
by Wilson, because it is well known in the art at the time of the invention for the purpose 
of retrieving information from a secured data store that securely pre-processes provided 
access information and provides efficient retrieval of address information (Wilson: 
column 2 lines 20-24). 

Regarding claims 2 and 13, Goldberg as modified discloses wherein if the state 
information for the remote entity does exist in the table of verified remote entities, 
standard data transport protocol processing is performed (Goldberg: paragraphs 0002, 
0009 and 0048). 

Regarding claims 3 and 14, Goldberg as modified discloses wherein the standard 
data transport protocol is transmission control protocol (Goldberg: paragraphs 0002, 
0009 and 0048). 

Regarding claims 4, 15, 23 and 30, Goldberg as modified discloses wherein if the 
state information for the remote entity exists in the table of unverified remote entities, 
but the remote entity cannot be verified, the method further comprises the act of: 
checking if the packet includes a synchronization message for determining how to 
respond to the unverified remote entity (Goldberg: See figure 9). 

Regarding claims 5, 16, 24 and 31 , Goldberg as modified discloses wherein if the 
packet of data includes a synchronization message, the local server responds by either 
sending a synchronization-acknowledgement packet or by deleting the packet 
(Goldberg: See figure 9). 
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Regarding claims 6, 17, 25 and 32, Goldberg as modified discloses wherein if the 
packet of data does not include a synchronization message, the local server responds 
by one or more of the following deleting the packet, retransmitting the original message 
to the remote entity or removing the state information from the table of unverified remote 
entities (Goldberg: paragraphs 0015 and 0016). 

Regarding claim 7, Goldberg as modified discloses wherein the first hash 
function is also a cryptographically secured hash function (Goldberg: paragraphs 0014 
and 0058). 

Regarding claim 8, Goldberg as modified discloses wherein the first and second 
hash functions are one of hardware based or software based (Goldberg: paragraph 
0014). 

Regarding claims 9, 20, 27 and 35, Goldberg as modified discloses wherein if 
state information for the remote entity does not exist in either the table of verified remote 
entities or the table of unverified remote entities, and wherein the server is a listener 
that may accept the package of data from the remote entity, the method further 
comprising the acts of: creating state information for the remote entity within the table of 
unverified remote entities; and sending a synchronization-acknowledgement packet that 
includes an initial sequence number to the remote entity (Goldberg: See figure 9 and 
Wilson: See Abstract section and column 4 lines 50-54). The same motivation was 
utilized in claim 1 applied equally well to claim 9. 

Regarding claims 10, 21, 28 and 36, Goldberg as modified discloses wherein if 
state information for the remote entity does not exist in either the table of verified 
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entities or the table of unverified entities, and the server is not a listener that may accept 
the package of data from the remote entity, the method further comprises the act of: 
sending a reset command to the remote entity for indicating that the packet was not 
verifiable and needs to be resent (Goldberg: See figure 9 and paragraph 0124 and 
Wilson: See Abstract section and column 4 lines 50-54). The same motivation was 
utilized in claim 1 applied equally well to claim 10. 

Regarding claims 1 1 and 37, Goldberg as modified discloses wherein the remote 
entity becomes verified by sharing a secret sent to the remote entity by the local server 
(Goldberg: paragraphs 0056-0057 and 0066-0067). 

Regarding claim 12, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 

Regarding claim 18, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 

Regarding claim 1 9, this claim has limitations that is similar to those of claims 7 
and 8, thus it is rejected with the same rationale applied against claims 7 and 8 above. 

Regarding claim 22, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 

Regarding claim 26, this claim has limitations that is similar to those of claim 19, 
thus it is rejected with the same rationale applied against claim 19 above. 

Regarding claim 29, this claim has limitations that is similar to those of claim 1 , 
thus it is rejected with the same rationale applied against claim 1 above. 
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Regarding claim 33, this claim has limitations that is similar to those of claim 18, 
thus it is rejected with the same rationale applied against claim 18 above. 

Regarding claim 34, this claim has limitations that is similar to those of claim 19, 
thus it is rejected with the same rationale applied against claim 19 above. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to TRANG DOAN whose telephone number is (571)272- 
0740. The examiner can normally be reached on Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Trang Doan/ 
Examiner, Art Unit 2131 

/Ayaz R. Sheikh/ 

Supervisory Patent Examiner, Art Unit 2131 



Application/Control Number: 10/779,414 
Art Unit: 2131 



